Zero-Day Threat Quietly Growing
It's the calm before the storm. As I write this, the threat of a zero-day virus exists in third-party software utilized by Microsoft, and few seem to know about it.
The hole lies in DirectX Media Software Developers Kit, or SDK, which is regularly included in Microsoft's own products. It takes on the form of an ActiveX control, a measure created before the turn of the century for crafting plug-ins for programs like the web's most dominant web browser, Internet Explorer.
So, what's the threat?!?!
Calm down. For now, there have been no reports of anyone being attacked. What it takes, however, is owning the swiss-cheese ActiveX control. Security firm Secunia has identified the problem file as 'DXSurface.LivePicture.FLashPix.1 (DXTLIPI.DLL)'.
Already outlining the possible consequences, however unlikely, is the United States Computer Emergency Readiness Team. It finds that if a hacker exploiting the flawed ActiveX control can convince an unknowing user to view a special HTML document (like an email and/or attachment), he or she can "'execute arbitrary code with the privileges of the user.'" (Source: pcworld.com)
What solutions are there?
Thankfully, there is help. PC World reports that the simplest way to block the threat is to use "kill bit" in the Windows Registry for the ActiveX control in question. Unfortunately, this type of work isn't for the faint of heart, and should only be approached by a computer expert.
Editing the Windows Registry without professional help is like taking out your appendix hunched over the kitchen sink. Another solution may be the use and update of Norton AntiVirus 2006; Symantec has recently crafted a patch that promises to solve the problem. (Source: antivirus.about.com)
Go Vista, or go to hell
Perhaps it's unsurprising that Microsoft is planning the phasing out of this particular software. Call it one of the best reasons to move to Windows Vista -- few users of the new operating system have reported owning the troublesome ActiveX .DLL file.
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.